The UK’s Solicitors Regulation Authority (SRA) has warned of another email scam that impersonated a real law firm in order to hijack a real estate transaction, according to Martin Parrin at Today’s Conveyancer.
A fraudulent email was sent to a client of Dutton Gregory Solicitors requesting that the client send the remainder of a transaction to a different bank account for security reasons. The scammers signed the email with the name of a real employee at Dutton Gregory, and the message was sent from an address that was very similar to the firm’s legitimate domain.
The SRA has put out eight email scam reports in July, highlighting the frequency of impersonation attacks. Parrin cites a UK Finance report which stated that BEC attacks resulted in UK businesses losing £123.7 million during 2018.
“Of the 7,544 malicious redirection scams completed, over 9,000 payments were made with an average individual loss of £20,750,” Parrin writes. “These statistics highlight the importance of ensuring the people you are communicating with are legitimate.”
In this case, the scammers sent their email from dutongregory[dot]com, rather than the genuine duttongregory.co.uk. A trained and vigilant user could have easily spotted these discrepancies. New-school security awareness training can teach your employees to be on the lookout for signs of malicious impersonation, particularly when financial transactions or sensitive information is involved.
Today’s Conveyancer has the story: https://www.todaysconveyancer.co.uk/main-news/fraudsters-increasingly-using-email-target-law-firms-clients/